Skip to main content
Version: latest

CVE-2022-28948

CVE Details

CVE-2022-28948

Last Update

09/20/2024

NIST CVE Summary

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

Our Official Summary

A flaw was found in the Unmarshal function in Go-Yaml. This vulnerability results in program crashes when attempting to convert (or deserialize) invalid input data, potentially impacting system stability and reliability. 3rd party images affected will be upgraded to remove the vulnerability.

CVE Severity

7.5

Status

Ongoing

Affected Products & Versions

  • Palette VerteX 4.4.18

Revision History

  • 1.0 09/15/2024 Initial Publication
  • 2.0 09/15/2024 Added palette VerteX 4.4.18 to Affected Products